-1

I am new to JAX-WS SOAP Web Service, Can any one help me how to consume soap web service over https.

Publisher has shared a ssl certificate(.cer) with me, imported this in a TrustStore using a keytool command.

Now to call saop webservice over a https secure layer I need the .jks file to set it as System Environment Variable.

I followed many resources How can i create keystore from an existing certificate (abc.crt) and abc.key files? but it is expecting serverprivatekey.key file. I do not have private key with me, please help how to proceed.

am I on the right way? or Something wrong in my approach?

Community
  • 1
  • 1
Sandeep Patange
  • 459
  • 6
  • 16

1 Answers1

0

You do not need the private key of the server. You only need to import the public key certificate.cer in a truststore. (Really you only need the root certificate). If you have already done on a JKS, configure to use it through

System.setProperty("javax.net.ssl.trustStore",path/to/your/truststore);
System.setProperty("javax.net.ssl.trustStorePassword",password;

Note: The trustmanager of the HTTPS connection will verify the identity of the server during the handshake checking that the signature perfomed by server corresponds to the public key. So the private key must be private and you should not access to it.

pedrofb
  • 37,271
  • 5
  • 94
  • 142
  • Thanks for your answer. I have set the system property as `System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jdk1.8.0_45\\jre\\lib\\security\\cacerts"); System.setProperty("javax.net.ssl.trustStorePassword", "changeit");`. but I am getting the **org.apache.cxf.ws.policy.PolicyException: None of the policy alternatives can be satisfied**. – Sandeep Patange Jul 07 '16 at 04:11
  • You do not need to point `javax.net.ssl.trustStore` to JDK `cacerts` because is the default behaviour. The new issue is not related with SSL. Probably you need to set the credentials in SOAP header. See http://stackoverflow.com/questions/12072500/apache-cxf-none-of-the-policy-alternatives-can-be-satisfied – pedrofb Jul 07 '16 at 07:03